fleet-infra/clusters/lab/security/authelia-forwardauth.yaml

---
apiVersion: traefik.io/v1alpha1
kind: Middleware
metadata:
  name: authelia-forwardauth
  namespace: default
spec:
  forwardAuth:
    address: http://authelia-authelia.authelia.svc.cluster.local/api/authz/forward-auth
    trustForwardHeader: true
    authResponseHeaders:
    - Remote-User
    - Remote-Groups
    - Remote-Email
    - Remote-Name